This koa middleware allows you to restrict access to pages with Escher authentication.
The middlewares will work only in the following order:
- Interceptor middleware (lib/koa-interceptor)
- Bodyparser from other sources (e.g. koa-bodyparser)
- Authenticator middleware (lib/koa-authenticator)
let app = require('koa')();
let BoarServer = require('boar-stack').app;
let server = new BoarServer(app);
let escherAuth = require('koa-escher-auth');
server.addMiddleware(escherAuth.interceptor());
server.addBodyParseMiddleware();
...
let controllerFactory = require('boar-stack').lib.controllerFactory;
let escherAuth = require('koa-escher-auth');
let escherConfig = {
credentialScope: 'eu/app-id/ems_request',
keyPool: JSON.stringify([
{ 'keyId': 'app-id_suite_v1', 'secret': 'app-id-secret', acceptOnly: 0 }
])
};
// escherAuth.authenticator(escherConfig)
module.exports = controllerFactory.create(function(router) {
router.post('/import-hds', escherAuth.authenticator(escherConfig), function*() {
this.body = 'Hello world';
});
});
If you define SUITE_ESCHER_CREDENTIAL_SCOPE and SUITE_ESCHER_KEY_POOL as environment variables the setup becomes even more easier.
SUITE_ESCHER_CREDENTIAL_SCOPE='eu/app-id/ems_request'
SUITE_ESCHER_KEY_POOL='{"keyId": "app-id_suite_v1", "secret": "app-id-secret", "acceptOnly": 0}'
let controllerFactory = require('boar-stack').lib.controllerFactory;
let escherAuth = require('koa-escher-auth');
// escherAuth.authenticator(escherConfig)
module.exports = controllerFactory.create(function(router) {
router.post('/import-hds', escherAuth.authenticator(), function*() {
this.body = 'Hello world';
});
});
The keypool always has to be a valid JSON string.
You are able to add other middlewares between interceptor and authenticator if you want.